This blog is about the Linux Command Line Interface (CLI), with an occasional foray into GUI territory.
Instead of just giving you information like some man page, I hope to illustrate each command in real-life scenarios.

Search This Blog

Saturday, October 19, 2013

How to connect to a WPA/WPA2 WiFi network using Linux command line

This is a step-to-step guide for connecting to a WPA/WPA2 WiFi network via the Linux command line interface. The tools are:

wpa_supplicant

iw

ip

ping

iw is the basic tool for WiFi network-related tasks, such as finding the WiFi device name, and scanning access points. wpa_supplicant is the wireless tool for connecting to a WPA/WPA2 network.
ip is used for enabling/disabling devices, and finding out general network interface information.

The steps for connecting to a WPA/WPA2 network are:

Find out the wireless device name.

$ /sbin/iw dev
phy#0
Interface wlan0
ifindex 3
type managed

The above output showed that the system has 1 physical WiFi card, designated as phy#0. The device name is wlan0. The type specifies the operation mode of the wireless device. managed means the device is a WiFi station or client that connects to an access point.

The 2 important pieces of information from the above are the SSID and the security protocol (WPA/WPA2 vs WEP).
The SSID from the above example is gorilla. The security protocol is RSN, also commonly referred to as WPA2.
The security protocol is important because it determines what tool you use to connect to the network.

Connect to WPA/WPA2 WiFi network.

This is a 2 step process. First, you generate a configuration file for wpa_supplicant that contains the pre-shared key ("passphrase") for the WiFi network.

wpa_passphrase takes the SSID as the single argument. You must type in the passphrase for the WiFi network gorilla after you run the command. Using that information, wpa_passphrase will output the necessary configuration statements to the standard output. Those statements are appended to the wpa_supplicant configuration file located at /etc/wpa_supplicant.conf.

The above routing table contains only 1 rule which redirects all traffic destined for the local subnet (192.168.1.x) to the wlan0 interface.
You may want to add a default routing rule to pass all other traffic through wlan0 as well.

The above series of steps is a very verbose explanation of how to connect a WPA/WPA2 WiFi network.
Some steps can be skipped as you connect to the same access point for a second time. For instance, you already know the WiFi device name, and the configuration file is already set up for the network. The process needs to be tailored according to your situation.

Thank you so much for this great post. You saved me from a big disaster. Thanks a lot. But I'm suffering from last one problem. I've connected to the network in my office. I can view IP from 'ifconfig' command. But I couldn't connect to this system from a external system at given ip. I've looked upon router configuration page where my device has been connected but ip isn't shown. when I use 'ip route show' this is coming, 192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.12.

Also, the route and the wpa_supplicant command aren't persistent. For a permanent change, we have to add them in /etc/network/interfaces (for Debian), in the Wi-Fi interface section. Mine ended up like:

Nice tutorial but I still cannot connect. I have tried both drivers, as well as omitting -D, and none connect. Is the correct connect syntax "sudo iw connect -w "? I did not see this in your article, does the wpa_supplicant run this automatically on initialisation? I'll look elsewhere for now but keep up the good work, this is arcane stuff. If only iw's help and man pages were as well organised as wpa_supplicant's...

I gave my technically-inespeiernced brother Opensuse since i can teamviewer in to fix any issues he has, but when Display-manager failed i thought I was screwed, This guide helped him connect to wireless so i could ssh in

atlatl's comment also helped a lot. the original article failed in assuming drivers.

1st of all. . Thanks for the detailed steps. After this I got the internet. But I have 2 questions.1. After rebooting my laptop I have to do redo this procedure again. Can't we make this permanent?

2. I have a lan on the same network and the default route is already with the lan. And now when i try to add the default route again it says rtnetlink file exists. Is there a way I have same default route from both lan and wifi

you'd be hard pressed to find anything more basic and informative as this. truly the best help page on command line wifi configuration i've been able to find on the internet anywhere... and i've been to a lot of pages covering this topic. thanks again.